ZDNet

Microsoft ships free code auditing tools to thwart SQL injection attacks

On the heels of a dramatic rise in SQL injection attacks linked to drive-by malware downloads, Microsoft has released aimed at helping Webmasters and IT administrators block and eradicate this attack ...
ZDNet

SQL Injection Attack: What is it, and how to prevent it.

The way that Yahoo! was hacked, SQL Injection attack, is the same method as many other hacks in the news recently: SQL Injection. SQL Injection attacks are common for the following reasons: • The ...
Bleeping Computer

75k WordPress sites impacted by critical online course plugin flaws

The WordPress online course plugin 'LearnPress' was vulnerable to multiple critical-severity flaws, including pre-auth SQL injection and local file inclusion. LearnPress is a learning management ...
Ars Technica

Attackers exploit 0-day code-execution flaw in the Sophos firewall

Users of a widely used firewall from Sophos have been under a zero-day attack that was designed to steal usernames, cryptographically protected passwords, and other sensitive data, officials with the ...